Date: Fri, 14 Apr 2017 15:22:00 +0000 (UTC) From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r316852 - head/sbin/fsck_ffs Message-ID: <201704141522.v3EFM09u092171@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kib Date: Fri Apr 14 15:22:00 2017 New Revision: 316852 URL: https://svnweb.freebsd.org/changeset/base/316852 Log: In fsck_ffs pass1, prevent the inosused variable from wrapping. The loop that scans the used inode map when soft updates is in use assumes that the inosused variable is signed. However, ino_t is unsigned, so the loop invariant is incorrect and the check for inosused wrapping to < 0 can never be true. Instead of checking for wrap after the fact just prevent it from happening in the first place. PR: 218592 Submitted by: Todd Miller <todd.miller@courtesan.com> Reviewed by: mckusick MFC after: 1 week Modified: head/sbin/fsck_ffs/pass1.c Modified: head/sbin/fsck_ffs/pass1.c ============================================================================== --- head/sbin/fsck_ffs/pass1.c Fri Apr 14 15:16:41 2017 (r316851) +++ head/sbin/fsck_ffs/pass1.c Fri Apr 14 15:22:00 2017 (r316852) @@ -133,9 +133,14 @@ pass1(void) */ if ((preen || inoopt) && usedsoftdep && !rebuildcg) { cp = &cg_inosused(cgp)[(inosused - 1) / CHAR_BIT]; - for ( ; inosused > 0; inosused -= CHAR_BIT, cp--) { - if (*cp == 0) + for ( ; inosused != 0; cp--) { + if (*cp == 0) { + if (inosused > CHAR_BIT) + inosused -= CHAR_BIT; + else + inosused = 0; continue; + } for (i = 1 << (CHAR_BIT - 1); i > 0; i >>= 1) { if (*cp & i) break; @@ -143,8 +148,6 @@ pass1(void) } break; } - if (inosused < 0) - inosused = 0; } /* * Allocate inoinfo structures for the allocated inodes.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201704141522.v3EFM09u092171>